With more and more of our lives online, staying safe is more important than ever. One simple way is a method called multi-factor authentication (sometimes called two-factor authentication). It sounds complicated, but really it’s a very simple idea: it’s basically a way of verifying it’s really you logging into your account, and not someone else?
So how does it work? Where can you use it? And what else do you need to know? Read on, and you’ll be safer than ever in just a few minutes.
What is multi-factor authentication?
It’s a way of making your online accounts more secure. You don’t need any complicated software or knowhow to make it work, just a phone and a computer will do.
What does it do?
It verifies that it’s definitely you trying to log in to your account, and not someone pretending to be you. Think of it as a simple identity check, but you don’t need to speak to anyone or show your passport or anything like that. Instead, it’s all done automatically.
How does it work?
It’s simple. When you log in to an online account using your computer or tablet, the service will send you a code via text message. All you do is enter the code when asked, and you’ll prove that you are who you say you are, and not a hacker trying to gain access to your online account. The service will then let you complete the login process. It’s the belt and braces approach to logging in securely.
What do you need to be aware of?
It’s not perfect. If someone had your login details and stole your phone, they could read the secure code you’re sent and access your online accounts. But the likelihood of that is much lower than just someone obtaining your login details.
The messages are free to receive, too, so it won’t cost you anything. In some cases, you’ll receive a phone call instead of a text message, but you still enter the code when prompted, so it works just the same. And again, the phone call is free to receive.
Where can you use multi-factor authentication?
Security is a more pressing issue than ever, so more and more online services offer multi-factor authentication. Amazon is one of them – turn it on, and you’ll be asked to enter a code every time you buy something, so even if someone hacks into your account they won’t be able to spend your money. (Here’s how to switch it on.) Apple also has it, as does Google, Facebook, Microsoft, Yahoo, PayPal, and all sorts of other online services.
If you want to know if your online service supports multi-factor authentication, just ask them.
How do you set up multi-factor authentication?
It’s slightly different for each service, but generally you’ll find the option to switch on multi-factor authentication in the settings menu, or the ‘My Account’ section of the website or app. Then the process is very similar.
First, you’ll need to register your mobile number with your account – it should ask you to do this once you’ve enabled multi-factor authentication. Then when you enter your password to log in, you should get a text message containing a unique code. Enter this when prompted, and you’ll be able to prove it’s you, and log in as normal.
From now on, you’ll get a message with a unique code every time you log in.
What is strong customer authentication (SCA)?
This is another way of making payments more secure, both in-store and online. The rise of contactless payments has made shopping more convenient than ever, but it also means that anyone who’s stolen your card can spend away without having to know your PIN number. Strong customer authentication hopes to stop that.
Here’s how it works: contactless payments will work as normal, but every now and again you’ll be asked to enter your PIN number. This will help ensure it’s you making the purchase, and not someone who’s stolen your card.
The checks will be random, so you won’t know when you’ll have to enter your PIN and when you won’t. Most of us can carry on as normal, but make sure you remember your PIN just in case you’re asked for it. Alternatively, carry a back-up card with you whose PIN you do remember.
If you’re paying using your smartphone or smartwatch using a mobile payment system like Apple Pay or Google Pay, you should carry your physical bank card with you as well, just in case you get checked at random.
It applies online as well. But this time, when you buy something online the retailer will send a unique code to your phone that you have to enter (in other words, just like multi-factor authentication). So make sure you have your phone with you. These checks are carried out by your bank card issuer rather than the retailer, so you don’t have to register your mobile phone number with the shop you’re buying from. But as long as you make sure your bank has your mobile phone number on file, you should be good to go.